Despite Mozilla’s dislike of Digital Rights Management (DRM), the company has decided to implement a “built-in” DRM extension for the Web, the W3C Encrypted Media Extensions (EME).
“Today at Mozilla, we find ourselves at a difficult spot. We face a choice between a feature our users want, and the degree to which that feature can be built to embody user control and privacy,” wrote Mitchell Baker, executive chairwoman at Mozilla, on the company blog.
DRM is a technical mechanism content owners require in order to control how their content, such as movies and TV shows, are used and distributed. Browsers have to implement DRM in order for content owners to allow their content to be viewed through them.
Mozilla isn’t a fan of DRM because “It doesn’t strike the correct balance between protecting individual people and protecting digital content,” said Baker.
According to Andreas Gal, CTO and VP of mobile at Mozilla, the W3C EME uses a Content Decryption Module to play the restricted content, and since the purpose is to defy scrutiny and modification from the user, it can’t be open source.
“For security, privacy and transparency reasons, this is deeply concerning,” Gal wrote on his blog. “From the security perspective, for Mozilla it is essential that all code in the browser is open so that users and security researchers can see and audit the code.”
Mozilla’s implementation of the W3C EME specification aims to satisfy the requirement while giving users as much control and transparency as possible. Adobe has been selected to provide the key functionality because Mozilla said it has built the necessary relationships with content owners. Each user will be able to decide if they want to activate the DRM implementation, and Mozilla has surrounded the closed-source portion with an “open-source wrapper,” said Baker.